Adding Threat during Software Requirements Elicitation and Prioritization

Requirements may be defined as a demand or need. In software engineering, a requirement is a description of what a system should do. System may have dozen to thousands of requirements. Software requirements stipulate what must be accomplished, transformed, produced or provided. In the field of software engineering researchers, academicians and scientist have developed many models and framework to elicit and prioritize the software requirements. It is well documented that requirement engineering saves money. There are several techniques to elicit the software requirements like JAD, misuse, RAD etc. In this paper we have used the JAD approach to elicit the software requirements. In this paper we have proposed a framework to elicit the software requirements and also to prioritize the software requirements. The proposed framework will rank the requirements by the relative level of threat associated with each requirement.

[1]  John Steven,et al.  Defining Misuse within the Development Process , 2006, IEEE Security & Privacy.

[2]  T. Saaty,et al.  The Analytic Hierarchy Process , 1985 .

[3]  D. Gupta,et al.  Software Risk Assessment and Estimation Model , 2008, 2008 International Conference on Computer Science and Information Technology.

[4]  Jeffrey A. Ingalsbe,et al.  Ensuring Cost Efficient and Secure Software through Student Case Studies in Risk and Requirements Prioritization , 2009, 2009 42nd Hawaii International Conference on System Sciences.

[5]  Qamar Abbas,et al.  An Approach for Requirement Prioritization Using B-Tree , 2008, 2008 First International Conference on Emerging Trends in Engineering and Technology.

[6]  Otthein Herzog,et al.  SLAN-4-A software specification and design language , 1980, IEEE Transactions on Software Engineering.

[7]  Alan M. Davis,et al.  Elicitation technique selection: how do experts do it? , 2003, Proceedings. 11th IEEE International Requirements Engineering Conference, 2003..

[8]  A. Eberlein,et al.  Requirements Engineering for Software Product Lines , 2002 .

[9]  John A. van der Poll,et al.  Towards a Methodology to Elicit Tacit Domain Knowledge from Users , 2007 .

[10]  Alan M. Davis,et al.  Requirements elicitation and elicitation technique selection: model for two knowledge-intensive software development processes , 2003, 36th Annual Hawaii International Conference on System Sciences, 2003. Proceedings of the.

[11]  Dianxiang Xu,et al.  Misuse case-based design and analysis of secure software architecture , 2005, International Conference on Information Technology: Coding and Computing (ITCC'05) - Volume II.

[12]  Joachim Karlsson,et al.  Software requirements prioritizing , 1996, Proceedings of the Second International Conference on Requirements Engineering.

[13]  Donald Firesmith,et al.  Prioritizing Requirements , 2004, J. Object Technol..

[14]  M. Tech,et al.  Elicitation and Prioritization of Software Requirements , 2009 .

[15]  Mohd. Sadiq,et al.  Elicitation and Prioritization of Software Requirements , 2009 .

[16]  Mohd. Sadiq,et al.  An Approach for Eliciting Software Requirements and its Prioritization Using Analytic Hierarchy Process , 2009, 2009 International Conference on Advances in Recent Technologies in Communication and Computing.

[17]  Claes Wohlin,et al.  An evaluation of methods for prioritizing software requirements , 1998, Inf. Softw. Technol..

[18]  Chia-Chu Chiang,et al.  A new approach for software requirements elicitation , 2005, Sixth International Conference on Software Engineering, Artificial Intelligence, Networking and Parallel/Distributed Computing and First ACIS International Workshop on Self-Assembling Wireless Network.

[19]  I. Alexander,et al.  Misuse cases help to elicit non-functional requirements , 2003 .